1. Field of the Invention
The present invention generally relates to antivirus control in a network system and, more particularly, damage control against virus outbreak in a network environment with a plurality of device nodes under malicious code attack.
2. Description of the Related Art
When a network environment experiences an undesirable code attack, network manager(s) and information technology (IT) specialists need to investigate the situation as soon as the attack is discovered. IT specialists then determine the proper tool or tools that would most effectively block and, hopefully, remove the undesirable intruding code altogether and restore the network system to normal as soon as possible. The process of pinpointing the intruding code and finding the proper solution is often tedious, complex and time consuming.
The Internet is an ideal mass medium for the spread of computer viruses since virtually every computer needs to be connected to another computer or network either directly or indirectly. The Internet, with all its benefits and fascinations, is nonetheless an effective and efficient medium for an intentional spread of malicious code attack. It has been estimated that some fast-paced viruses can spread throughout the entire Internet within a matter of a couple of hours if not effectively stopped. In fact,
For any network environment, be it the Internet, a wide area network (WAN), a corporate local area network (LAN) or even wireless communications networks for mobile phones and personal digital assistant (PDA) devices, the more data transmitted and the more services offered, the more likely viruses are able to infect those networks.
In day-to-day efforts against computer viruses and other terminal device viruses, an end user is constantly looking for solutions against such viruses. Even in the case of corporate networks that are closely guarded by an anti virus firewall and all sorts of virus protection software, some viruses are still able to penetrate then and do great herein. This is because conventional anti virus technology generally relies on already identified viruses. In other words, conventional anti virus schemes are usually effective against known computer viruses, but are unable to block unknown viruses. A newly-captured virus has to be analyzed by, e.g., an anti virus service provider. Therefore, terminal devices such as computers connected to a LAN or WAN is generally unable to have anti virus protection against unknown viruses with conventional anti virus software.
When the terminal device or computer connected to a network is subject to attack by an unknown virus penetrating into the network, it is the responsibility of network managers to guard against such attacks and the restore the network to normal operating status as quickly as possible. The level of preparedness in a network is dependent upon knowing the probability of a virus successfully penetrate the corporate network, e.g., LAN. When a computer virus does penetrate into a corporate LAN, the spreading of the virus infection in the network will be only as fast and as end effective as users on the LAN are able to utilize the network. Some of the latest viruses are so fast and ferocious that rapid and effective counter-measures must be immediately implemented by LAN managers in order to reduce the damage likely to result.
One conventional measure a LAN manager can undertake is to physically unplug network cables when there is an outbreak of a ferocious virus that has already penetrated the LAN. However, such drastic measures are likely to undesirably affect the uninfected sectors of the corporate LAN as well as cause inconvenience for end users. On the other hand, any hesitation, including the time spent on retrieving anti virus tools, can lead to greater damage to the corporate LAN. In the time frame for an anti virus service provider to analyze and implement a cure, the entire corporate LAN might be thoroughly infected.
There is thus a general need in the art for effective and optimal antivirus control against computer viruses in a network system overcoming at least the aforementioned shortcomings in the art. In particular, there is a need in the art for an optimal method and system for effective damage control against the spread of computer viruses in a network.